HA Kubernetes Cluster on AWS? – Kops makes it easy

12 March 2017 on kubernetes, Kops

In the first post of our mini-series about Kops, I demonstrated how you could set up a highly available Kubernetes cluster on AWS in an existing VPC, leveraging the awesome open-source project Kops.

In order to demonstrate how this could be accomplished, I showed how to set up all the networking: VPC, subnets, route tables, etc. This may have skewed people's understanding of how easy Kops is to use. That was not the intention.

However, I think the post demonstrated an actual use case that many people migrating to Kubernetes on AWS are facing. At least, those were the requirements I was facing in our migration path towards Kubernetes. We already had multiple services running in a VPC, like RDS databases, VPN connections, etc. The Kubernetes cluster, therefore, had to be spun up within this VPC in order to communicate with the already existing services using private IPs.

Therefore, to show some of the magic that Kops can do, this follow-up post shows how fast you can get up and running with a highly available Kops cluster similar to the one in the previous post.

As in the previous post, we want a highly available cluster spread across multiple availability zones, along with private networking to ensure a closed environment. The following diagram illustrates the setup we would like to accomplish.

There are a couple of prerequisites that need to be in place before we can spin up our cluster: an AWS account, a domain, Kops, and the awscli (not strictly necessary, since you can do the same in the console).

In this post, I will assume that you already have a perfectly working AWS account and that you have configured Route53 to handle DNS for your domain (if this is not the case, check out the official Kops documentation here).

Great! Let’s get going.

The first thing you have to do is to set up a bucket that Kops will use to store the cluster state. I will create this bucket using the awscli tool, but feel free to create it using the console.

As you can see from the output, Kops will create all the needed resources at AWS, including the VPC and the NAT Gateways that allow our private instances to reach the public internet.
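The two steps above (state bucket, then cluster creation), written out as an added example that is not from the original post. The bucket name, domain and region are placeholders; the kops state store holds the cluster CA and keys, so the bucket is created versioned, encrypted and with public access blocked. With DRY_RUN=1 (the default) the script prints the commands instead of executing them.

```bash
#!/usr/bin/env bash
# Added example (not the post's own commands). Hardened kops state store plus an
# HA, private-topology cluster across three AZs. Placeholders: bucket, domain, region.
set -euo pipefail

STATE_BUCKET="${STATE_BUCKET:-example-kops-state-store}"   # placeholder bucket name
CLUSTER_NAME="${CLUSTER_NAME:-k8s.example.com}"            # placeholder; Route53 zone must exist
AWS_REGION="${AWS_REGION:-eu-west-1}"
DRY_RUN="${DRY_RUN:-1}"

# Print the command in dry-run mode, execute it otherwise.
run() { if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi; }

# Three AZs (a, b, c) of the region so masters and nodes are spread for HA.
zones_for_region() { printf '%sa,%sb,%sc' "$1" "$1" "$1"; }

create_state_store() {
  run aws s3api create-bucket --bucket "$STATE_BUCKET" --region "$AWS_REGION" \
      --create-bucket-configuration "LocationConstraint=$AWS_REGION"
  # Versioning lets you recover an earlier cluster spec after a bad edit.
  run aws s3api put-bucket-versioning --bucket "$STATE_BUCKET" \
      --versioning-configuration Status=Enabled
  # The store contains private keys: encrypt at rest and block every public-access path.
  run aws s3api put-bucket-encryption --bucket "$STATE_BUCKET" \
      --server-side-encryption-configuration \
      '{"Rules":[{"ApplyServerSideEncryptionByDefault":{"SSEAlgorithm":"AES256"}}]}'
  run aws s3api put-public-access-block --bucket "$STATE_BUCKET" \
      --public-access-block-configuration \
      BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true
}

# Flags for an HA cluster: one master per AZ, nodes in private subnets behind NAT
# gateways, a bastion for SSH, DNS in the private hosted zone (as in the post).
# Flag names are those of the 2017-era kops; newer releases say control-plane.
kops_create_args() {
  local zones; zones="$(zones_for_region "$AWS_REGION")"
  local args="--name $CLUSTER_NAME --state s3://$STATE_BUCKET --zones $zones"
  args="$args --master-zones $zones --master-count 3 --node-count 3"
  printf '%s' "$args --topology private --networking calico --bastion --dns private"
}

create_cluster() {
  # shellcheck disable=SC2046  # word-splitting the flag string is intended here
  run kops create cluster $(kops_create_args)
  run kops update cluster --name "$CLUSTER_NAME" --state "s3://$STATE_BUCKET" --yes
}

create_state_store
create_cluster
```

Run with DRY_RUN=0 only after reviewing the printed commands; `kops update cluster --yes` is what actually provisions the AWS resources.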

The creation of a cluster usually takes about 5-10 minutes.

As also mentioned in the previous post, this will create all DNS entries in the private zone, thereby making them accessible only from within the AWS VPC. Therefore, if you want to be able to connect to your cluster from your local machine, recreate the following entries in the public zone for your domain:

To verify that your cluster is up and running and reachable from your machine: